Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138312e302f32342d3234203d3e20323136313531.roa
File: 38332e3133362e3138312e302f32342d3234203d3e20323136313531.roa (raw, json)
Hash identifier: nQK7MmXO+QYEQpR8B1xZ7sQxHtHeqsyKIwZpoSoSw3o=
Subject key identifier: 00:AA:DF:56:66:7E:56:FE:D1:89:5D:58:B7:23:EF:77:B6:FC:DF:53
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 02B01AB827E61E8A35B90075E98695D9F5B51465
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138312e302f32342d3234203d3e20323136313531.roa
Signing time: Mon 26 Feb 2024 16:44:40 +0000
ROA not before: Mon 26 Feb 2024 16:39:40 +0000
ROA not after: Mon 24 Feb 2025 16:44:40 +0000
asID: 216151
IP address blocks: 83.136.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:b0:1a:b8:27:e6:1e:8a:35:b9:00:75:e9:86:95:d9:f5:b5:14:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 16:39:40 2024 GMT
Not After : Feb 24 16:44:40 2025 GMT
Subject: CN=00AADF56667E56FED1895D58B723EF77B6FCDF53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4a:8c:f9:d3:fd:dc:f2:c2:fb:ce:bf:f0:1e:
6b:21:1c:3b:76:71:32:40:de:b3:f5:b4:dd:b2:93:
83:94:27:6c:8c:f1:5f:db:b0:50:1e:db:16:59:ff:
29:8d:10:89:b9:18:89:0f:1b:12:80:ab:5d:1a:93:
41:dd:6e:98:a2:80:13:fa:2c:56:3d:6c:ec:24:7e:
50:af:8e:ca:0e:1d:65:ba:54:7c:65:f3:7c:6c:e4:
aa:d9:cd:41:f7:46:b8:bb:b4:8b:8e:e2:9c:0b:20:
b0:c3:fb:1a:ec:f6:1d:f9:18:ba:00:32:af:49:db:
2f:5a:ad:7f:00:3f:b9:1e:fe:f6:74:28:eb:cc:3b:
0a:f4:98:72:a6:a7:9f:e3:9d:5c:2d:8c:41:43:40:
b5:45:7f:e9:f0:ce:1c:94:57:ef:1e:54:60:ed:fa:
90:74:9c:ca:f4:9f:b7:20:62:fe:fc:9f:70:e4:a3:
bc:46:93:04:97:06:5a:83:fe:96:4b:54:1c:cd:98:
db:77:ea:78:39:b1:10:79:ac:ea:8b:fd:6b:9b:cb:
6f:c6:59:60:6d:ab:44:bc:ae:53:0e:5d:99:58:06:
4f:c3:d4:78:78:16:04:fb:2e:87:97:bc:35:62:b9:
b1:be:05:01:c3:39:da:a7:77:15:83:e9:9f:0c:14:
f9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AA:DF:56:66:7E:56:FE:D1:89:5D:58:B7:23:EF:77:B6:FC:DF:53
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138312e302f32342d3234203d3e20323136313531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.181.0/24
Signature Algorithm: sha256WithRSAEncryption
66:ca:c3:c3:48:79:df:67:11:c7:70:ab:6a:04:46:82:d1:b5:
db:8c:1b:d4:e8:b3:0d:47:79:eb:94:23:c0:1d:44:f5:d0:d3:
14:33:8c:73:ee:fb:d4:86:75:47:fc:fc:f8:37:ae:e6:f5:60:
be:f4:de:b2:48:34:e0:6d:7f:0d:4f:70:2d:17:bf:e3:99:74:
83:91:88:8b:14:f8:55:e0:3a:61:76:90:59:7b:91:db:ee:5c:
39:1e:3a:7b:85:11:c1:e2:33:a8:ab:56:6d:05:fb:fd:05:e3:
9e:a1:0e:fd:7d:a2:ba:93:f7:31:cf:47:2f:ed:5a:d7:7d:a8:
ea:8a:b0:da:16:49:80:d0:6c:89:bd:a4:14:b9:98:71:ef:10:
1f:7c:a8:c9:fc:27:1d:a8:9d:f5:c7:4c:4a:5a:7f:cf:5b:80:
ae:67:c9:26:5c:89:91:ed:e7:5a:45:45:35:c3:e2:c5:65:61:
22:5f:c1:c5:00:90:72:f3:30:68:b4:62:22:bb:f2:84:9d:ce:
6b:8b:8f:14:d8:dd:38:8f:57:27:63:52:8c:1a:13:a3:5f:33:
32:50:ac:fa:32:79:3e:8c:94:6c:d6:4b:ac:f6:3d:d4:34:97:
f0:53:14:93:fd:aa:28:f6:25:73:40:6f:85:8a:4d:81:60:a0:
2c:b1:5e:97
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUArAauCfmHoo1uQB16YaV2fW1FGUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYxNjM5NDBaFw0yNTAyMjQxNjQ0NDBaMDMxMTAvBgNV
BAMTKDAwQUFERjU2NjY3RTU2RkVEMTg5NUQ1OEI3MjNFRjc3QjZGQ0RGNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSSoz50/3c8sL7zr/wHmshHDt2
cTJA3rP1tN2yk4OUJ2yM8V/bsFAe2xZZ/ymNEIm5GIkPGxKAq10ak0HdbpiigBP6
LFY9bOwkflCvjsoOHWW6VHxl83xs5KrZzUH3Rri7tIuO4pwLILDD+xrs9h35GLoA
Mq9J2y9arX8AP7ke/vZ0KOvMOwr0mHKmp5/jnVwtjEFDQLVFf+nwzhyUV+8eVGDt
+pB0nMr0n7cgYv78n3Dko7xGkwSXBlqD/pZLVBzNmNt36ng5sRB5rOqL/Wuby2/G
WWBtq0S8rlMOXZlYBk/D1Hh4FgT7LoeXvDViubG+BQHDOdqndxWD6Z8MFPklAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAKrfVmZ+Vv7RiV1YtyPvd7b831MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMzJlMzEzMzM2MmUzMTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM1MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTiLUwDQYJKoZIhvcNAQELBQADggEBAGbKw8NIed9nEcdwq2oERoLRtduMG9To
sw1HeeuUI8AdRPXQ0xQzjHPu+9SGdUf8/Pg3rub1YL703rJINOBtfw1PcC0Xv+OZ
dIORiIsU+FXgOmF2kFl7kdvuXDkeOnuFEcHiM6irVm0F+/0F456hDv19orqT9zHP
Ry/tWtd9qOqKsNoWSYDQbIm9pBS5mHHvEB98qMn8Jx2onfXHTEpaf89bgK5nySZc
iZHt51pFRTXD4sVlYSJfwcUAkHLzMGi0YiK78oSdzmuLjxTY3TiPVydjUowaE6Nf
MzJQrPoyeT6MlGzWS6z2PdQ0l/BTFJP9qij2JXNAb4WKTYFgoCyxXpc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:59 2024 by rpki-client on console-fra.rpki-client.org